Children’s hospital reveals cyberattack impacting millions of Social Security numbers
In this DML Report…
Lurie Children’s Hospital in Chicago disclosed a cyberattack that exposed the personal data of 791,000 patients, with a hacker group claiming to have stolen 6 million Social Security numbers and medical records. The breach, which occurred on January 31, involved the Rhysida ransomware gang, which is known for targeting healthcare systems and which accessed sensitive information including names, addresses, birth dates, and treatment details. The hospital paid a $3.4 million ransom in Bitcoin to prevent the data from being sold on the dark web, but the gang leaked it anyway after claiming the payment was insufficient and demanding $6 million.
The attack disrupted hospital operations for weeks, forcing Lurie Children’s to shut down systems, which delayed patient care and impacted billing. The hospital, one of the largest pediatric centers in the U.S., notified affected patients and offered two years of free identity protection and credit monitoring services. Federal authorities, including the FBI and HHS, are investigating, with the Rhysida gang believed to be based in Russia or Eastern Europe and linked to prior attacks on the healthcare and education sectors.
This breach follows a pattern of escalating cyberattacks on U.S. healthcare, with 2024 seeing an average of 16.4 million records breached monthly, per the HIPAA Journal. A separate February 2024 attack on Change Healthcare affected 100 million individuals, highlighting systemic vulnerabilities. Senator Mark Warner criticized the healthcare industry’s cybersecurity practices, noting its critical role in public well-being, as experts warn that such attacks continue to threaten patient safety and privacy.